How AGLedger Works

Every unit of work follows the same lifecycle: mandate, receipt, verdict.

The accountability loop

AGLedger structures agent work before it starts and records everything through completion. The lifecycle is a 17-state machine. Most mandates follow the happy path. Six API calls complete a full cycle.

1. Principal creates a mandate

A structured commitment: what needs to be done, by when, under what constraints. The mandate is locked at creation. It cannot be edited after the fact.

POST /v1/mandates — state: CREATED → ACTIVE

2. Performer delivers a receipt

Evidence of what was actually done, submitted against the locked mandate. The receipt references the mandate by ID and includes structured evidence matching the contract type schema.

POST /v1/mandates/:id/receipts — state: RECEIPT_SUBMITTED

3. Principal renders a verdict

Accepted or rejected. The principal compares the receipt against the original mandate criteria. If tolerance checking is enabled, numeric criteria can auto-settle without human review.

POST /v1/mandates/:id/verdict — state: RECEIPT_ACCEPTED or RECEIPT_REJECTED

4. Mandate fulfills

Once accepted, the mandate transitions to FULFILLED. A Settlement Signal (SETTLE or HOLD) fires via webhook. The complete chain — commitment, delivery, verdict, timeline — is recorded in the audit vault.

POST /v1/mandates/:id/fulfill — state: FULFILLED

What gets recorded

Every state transition produces an audit vault entry. Each entry is Ed25519-signed, SHA-256 hash-chained, and append-only. The database enforces immutability — UPDATE and DELETE are revoked on the vault table.

Entry N: chain_position: N event_type: MANDATE_STATE_CHANGE payload: { ...event data, canonicalized per RFC 8785 } hash: SHA-256(canonical_payload) previous_hash: Entry[N-1].hash signature: Ed25519(position : hash : previous_hash) signing_key_id: <key fingerprint>

Public verification keys available at /.well-known/agledger-vault-keys.json — verify the chain offline, no account needed.

Integration

Any system that speaks HTTP can participate — AI agents, RPA bots, CI/CD pipelines, enterprise applications. AGLedger exposes 213 API routes via a native REST API (OpenAPI 3.0).

REST API — fastest, most token-efficient. Primary integration path.

TypeScript SDK — npm install @agledger/sdk

Python SDK — pip install agledger

CLI — npm install -g @agledger/cli

MCP — curated tool profiles scoped by role

No rewrites. Your existing agents add AGLedger calls alongside what they already do. Works with LangChain, CrewAI, AutoGen, or any orchestration framework.

Delegation chains

A performer can create sub-mandates to delegate parts of the work. The chain maintains full traceability from the original principal to every sub-performer. Each level has its own mandate, receipt, and verdict — all linked by parent ID.

When Claude delegates to Gemini delegates to GPT, the complete chain is recorded. Each agent owns its own accountability record. The original principal can trace the full tree.

Deployment

AGLedger runs in your infrastructure. Self-hosted. PostgreSQL 17+. No data leaves your environment. No phone-home. No kill switch.

Standalone — single instance, all features. Developer Edition or Enterprise.

Gateway — connects to a Hub for cross-organization federation. Enterprise.

Hub — federation coordinator. Gateway registry, routing, reputation. Enterprise.

Same Docker image, all three modes. Controlled by AGLEDGER_MODE environment variable.

startQuick start guide

protocolAOAP protocol specification

apiFull API reference — 213 routes

pricing$8K perpetual license — see pricing

securitySecurity architecture